Overview

Framework: RQF
Level: Level 3
Unit No: F/618/5213
Credits: 6
Guided learning hours: 42 hours

Aim

Learners will understand the role of ethical hacking in testing the security of networks, using techniques such as penetration testing and social engineering. Learners will also explore some of the tools and techniques used to identify vulnerabilities and the countermeasures that can minimise cyber attacks.

Unit Learning Outcomes

1. Understand the role of ethical hacking.

Role of ethical hacking: identification of vulnerabilities in networks and systems, testing system and data security using penetration testing (PT), evasion of intrusion detection systems (IDS), evasion of intrusion prevention systems (IPS), evasion of honeypots, social engineering, breaking encryption, evaluating/reporting.

Vetting process: interviews, references, background checks (e.g., qualifications, employment, residence), professional memberships/code of conduct, professional qualification (e.g., Certified Ethical Hacker, CREST, SANS, CLAS), security vetting code of practice, government vetting, Baseline Personnel Security Standard (BPSS), security clearance, counter terrorism check, Disbarring and Vetting Service (formerly CRB Check).

Assessment Criteria

  • 1.1 Explain the role of ethical hacking and the activities that an ethical hacker can perform for an organisation.

  • 1.2 Explain the processes used to vet ethical hackers for employment.


2. Understand a range of ethical hacking tools and techniques.

Tools (hardware and software) and techniques:

Physical (i.e., environment, building, IT infrastructure): public records, satellite images, cameras, binoculars, specialised hardware (e.g., Pwn Phone, Plugbot), wireless sniffers (War Driving), VOIP (War Dialing), Bluetooth scanners, dumpster diving, RF scanners, drones.

Logical (i.e., operating system, software and configuration): port scanners (NMAP, Angry IP Scanner, NetScanTools), sniffers (Snort), password crackers (Cain & Abel, THC Hydra, John the Ripper), vulnerability scanners (Nessus, Nikto), wireless networks (Kismet, KisMac, NetStumbler), website (BurpSuite), generalist (Metasploit, Wapiti), forensic analysis.

Social: identity theft/spoofing (Piggybacking), shoulder surfing, pretexting, baiting, human intelligence gathering, deception.

Assessment Criteria

  • 2.1 Compare different ethical hacking tools and techniques used to identify weaknesses in a system from a physical, logical and social perspective.


3. Be able to plan, execute and report on the process of ethical hacking.

Ethical hacking plan: identify the system(s) to be tested, risks involved, timeline, knowledge of the system(s), action to be taken, deliverables (e.g., written/oral report). The plan should include physical, logical and human exploits.

Execute the plan and evaluate results: reconnaissance, scanning, gaining access, maintaining access, covering tracks.

The NIST 800-42 Method: planning, discovery, attack, report.

OCTAVE Allegro: develop risk measurement criteria, profile critical information assets, identify threats for each information asset, identify risks for each threat relating to an information asset.

INFOSEC PTES: pre-engagement interactions, intelligence gathering, threat modelling, vulnerability analysis, exploitation, post-exploitation, reporting.

Learners should record the results of their attacks whether successful or not, and include any vulnerabilities they identify and successful exploitations they were able to perform (i.e. successful penetrations).

Assessment Criteria

  • 3.1 Develop an ethical hacking plan to identify and test weaknesses.

  • 3.2 Execute a series of ethical hacking attacks based upon the plan.

  • 3.3 Report on the results of the attacks.